- Changelog for v1.2.0 (2019-03-30) * Update release notes for v1.2.0 * Remove wait event * Vendor Buildah 1.7.2 * Add locking to ensure events file is concurrency-safe * Alter container/pod/volume name regexp to match Docker * test: test that an unprivileged user cannot access the storage * userns: do not use an intermediate mount namespace * volumes: push the chown logic to runtime_volume_linux.go * Cleanup image2 -> image for imports * Set blob cache directory based on GraphDriver * utils: call GetRootlessRuntimeDir once * rootless: set sticky bit on rundir * oci: drop reference to runc * Fix lint * Ensure that we make a netns for CNI non-default nets * rootless: change env prefix * vendor buildah, image, storage, cni * Default to SELinux private label for play kube mounts * Add watch mode to podman ps * Add all container status states to the podman-ps manual page. * fix bug `system df` add blank space to the output * fix bug remote-podman images --digests * Use spaces instead of tab for JSON marshal indent * Fix gofmt * Remove ulele/deepcopier in favor of JSON deep copy * doc: add note that pod publish ports are static once defined * Sigh; disable pod-top test, it's unreliable (#2780) * Resolve review comments * Add a test that --add-host conflicts with --no-hosts * Add manpages and completions for dns=none and no-hosts * Add --no-hosts flag to disable management of /etc/hosts * Add for --dns=none to disable creation of resolv.conf * Add support to disable creation of network config files * system df: reject invalid arguments * rootless: fix regression when using exec on old containers * Touchup commands.md * size is optional for container inspection * Add three test cases for podman attach test * system df to show podman disk usage * Add "died" event * docs/podman-pod-create.1.md: add example with port mapping * podman health check phase3 * userns: use the intermediate mountns for volumes * volume: create new volumes with right ownership * utils: drop dead function * troubleshooting: explain setup user: invalid argument * Cirrus: Verify manpages for all subcommands exist * Make "stopped" a valid state that maps to "exited" * fix Bug 1688041-podman image save removes existing image * podman: do not split --env on comma * Need to pass the true paramater with --syslog in cobra * Fix man page to mention race condition * docs/podman-run.1.md: remove extra whitespace in --read-only * man pages - consistency fixes * Add new key and never-expiring test certificate * Cirrus: Run vendor check in parallel * Cirrus: Various fixes for rootless testing * ps: fix segfault if the store is not initialized * tests: re-enable some tests for rootless mode * rootless: implement pod restart * rootless: reimplement restart with rootless.Argument() * test: fix SkipIfRootless() helper * rootless, rm: fix retcode when the container is not found * rootless: fix ps command * rootless: fix pod kill * Enable rootless integration tests * BATS: new tests, and improvements to existing ones * podman umount: error out if called with no args * Export ConmonPidFile in 'podman inspect' for containers * support GO template {{ json . }} * Incorporate user from image inspect data in play kube * Cirrus: Disable master-success IRC notices * Cleanup messages on podman load * Cirrus: Update VM Cache images * podman logs on created container should exit * Fix cut and paste errors in podman-pod-inspect * rootless: fix pod top * pod: fix segfault when there are no arguments to inspect * output of port grouping in ps command added as example * utils: split generation and writing of storage.conf * Cirrus: Fix post-merge failure notice * utils: avoid too long tmp directory * podman image tree: fix usage message * Cirrus: Notify on IRC if post-merge testing fails * rootless: change default path for conmon.pid * Add CLI storage conf example to run manpage * Integration test tweaks * display logs for multiple containers at the same time * Make 'podman rm' exit with 125 if it had a bogus & a running container * rootless: write the custom config file before reload * Add support for SCTP port forwarding * Make sure buildin volumes have the same ownership and permissions as image * rootless: do not override user settings * runtime: refactor NewRuntime and NewRuntimeFromConfig * events: use os.SEEK_END instead of its value * container: check containerInfo.Config before accessing it * rootless: use Geteuid instead of Getuid * rootless: use /tmp/libpod-rundir-$EUID for fallback * build: fix build DIR -t TAG * testcase added for listing range of ports in ps command * port grouping in ps command output * Update pull and pull-always in bud man page * cirrus: upgrade slirp4netns * rootless: fix CI regression when using slirp4netns * save-load-export: clear cli-parsing default * Bump timeout on a podman info test to default * Replace skopeo-containers with containers-common * slirp4netns: use --disable-host-loopback * slirp4netns: set mtu to 65520 * Tree implementation for podman images * Replace buildah with podman in build doc * zsh completion * Usage messages: deduplicate '(default true)' et al * Corrected detach man pages and code comments * Add --replace flag to "podman container runlabel" * rm: fix cleanup race * Add gating tasks * Add 'podman events' to podman(1) * Vendor docker/docker, fsouza and more #2 * Usability cleanup for 'inspect' * Add event on container death * Update vendor of Buildah and imagebuilder * minor typo fix in 'podman top' usage * healtcheck phase 2 * Add event logging to libpod, even display to podman * Fix SELinux on host shared systems in userns * Fix broken link in io.podman.varlink * move formats pkg to and vendor from buildah * Ensure that tmpfs mounts do not have symlinks * Update troubleshooting guide for Podman-in-Podman * Buffer stdin to a file when importing "-" * vendor psgo v1.2 * preparation for remote-client create container * Initialize field in InfoHost struct * rootless: allow single mappings * Remove --rm and --detach don't coexist note * rootless: fix pod stop|rm if uid in the container != 0 * rootless: fix rm when uid in the container != 0 * rootless: disable pod stats * rootless: do not create automatically a userns for pod kill * rootless: support a custom arg to the new process * slirp4netns: add builtin DNS server to resolv.conf * errors: fix error cause comparison * libpod: allow to configure path to the network-cmd binary * build: honor --net * pull: promote debug statement to error * Fix generation of infra container command * Remove an unused if statement I added * Don't delete another container's resolv and hosts files * Fix a potential segfault during infra container create * We don't use crio-umount.conf * Move secrets package to buildah * Add troublshoot information about SELinux labeling of containers/storage * test docs fixups * Default to image entrypoint for infra container * ginkgo status improvements * rootless: propagate errors from info * podman play kube defaults * container runlabel respect $PWD * Remove 'podman ps' restarting filter and fix stopped * label parsing in non-quoted field * More cleanup for failures on missing commands. * add podman-healthcheck(1) to podman(1) * Implement review feedback * new system tests under BATS * fix bug in podman images list all images with same name * Fix help commands to show short and long description. * implement showerror and accept HOST_PORT env which defaults to 8080 * create: join also the mount ns of the dependency * rootless: exec join the user+mount namespace * oci: make explicit the extra files to the exec * add test to cover networking * tests to cover locks and parallel execution #2551 * Yet another seemingly minor tweak to usage message * Change LookupContainer logic to match Docker * Implement podman-remote wait command and container subcommand * Cirrus: Use imgts container to record metadata * System-test: Documentation and TODO list * podman-remote pod top|stats * fix bug --device enable specifying directory as device * add flag --extract tar file in podman cp * Fix incorrect pod create failure * libpod/container_internal: Split locale at the first dot, etc. * Add volume mounting to podman play kube * podman healthcheck run (phase 1) * Append hosts to dependency container's /etc/hosts file * rootless: fix clone syscall on s390 and cris archs * Cirrus: Add dedicated rootless mode testing * rootless: fill in correct storage conf default * rm: set exit code to 1 if a specified container is not found * Support filter image by reference to the repo name * Bump gitvalidation epoch * Bump to v1.2.0-dev * Support podman-remote kill container(s) * cirrus: Drop ginkgo, gomega, easyjson install * Cirrus: Stop testing on RHEL * Cirrus: Stop testing on RHEL * Globally increase test timeout to 90-minutes * cirrus: Drop ginkgo, gomega, easyjson install * Cirrus: Add BATS package for all platforms * Globally increase test timeout to 90-minutes * exec: support --preserve-fds * get_ci_vm.sh: Fix conflicting homedir files - Changelog for v1.1.2 (2019-03-04) * Fix #2521 * Update release notes for v1.1.2 * Change timestamp format for podman logs * Don't extract tar file in podman cp * runtime: fill a proper default tmpdir when --config is used * Add additional defense against 0-length log segfaults * When logging with timestamps, append only until newline * Ensure that each log line is newline-terminated * A few more usage-message tweaks * Add missing short flag -l for run/create * Fix aliased commands to actually work * Support podman-remote stop container(s) * Add tests to make sure podman container and podman image commands work * Bump gitvalidation epoch * Bump to v1.2.0-dev - Changelog for v1.1.1 (2019-03-01) * Update release notes for v1.1.1 * Pull image for runlabel if not local * Fix SystemExec completion race * Fix link inconsistencies in man pages * Verify that used OCI runtime supports checkpoint * Should be defaulting to pull not pull-always * podman-commands script: refactor * Move Alias lines to descriptions of commands * Fix usage messages for podman image list, rm * Fix -s to --storage-driver in baseline test * No podman container ps command exists * Allow Exec API user to override streams * fix up a number of misplace commands * rootless, new[ug]idmap: on failure add output * [ci skip] Critical note about merge bot * podman port fix output * Fix ignored --time argument to podman restart * secrets: fix fips-mode with user namespaces * Fix four errors tagged by Cobra macro debugging * Clean up man pages to match commands * Add debugging for errors to Cobra compatibility macros * Command-line input validation: reject unused args * Fix ignored --stop-timeout flag to 'podman create' * fixup! Incorporate review feedback * fixup! missed some more: * fixup! Correction to 'checkpoint' * Followup to #2456: update examples, add trust * podman create: disable interspersed opts * fix up a number of misplace commands * Add a task to Cirrus gating to build w/o Varlink * Skip checkpoint/restore tests on Fedora for now * Fix build for non-Varlink-tagged Podman * Remove restore as podman subcommand * Better usage synopses for subcommands * Bump gitvalidation epoch * Bump to v1.2.0-dev * Centralize setting default volume path * Ensure volume path is set appropriately by default * Move all storage configuration defaults into libpod * rename pod when we have a name collision with a container * podman remote-client readme - Changelog for v1.1.0 (2019-02-26) * Vendor in latest buildah 1.7.1 * volume: do not create a volume if there is a bind * Only remove image volumes when removing containers * Fix podman logs -l * start pod containers recursively * Update release notes for v1.1.0 * vendor containers/image v1.5 * Record when volume path is explicitly set in config * Add debug information when overriding paths with the DB * Add path for named volumes to `podman info` * Add volume path to default libpod.conf (and manpage) * Validate VolumePath against DB configuration * When location of c/storage root changes, set VolumePath * docs: cross-reference `podman-{generate,play}-kube` * README: refine "Out of scope" section * oci: improve error message when the OCI runtime is not found * Label CRIU log files correctly * Add num_locks to the default libpod config * podman-remote pod pause|unpause|restart * podman: fix ro bind mounts if no* opts are on the source * Change exit code to 1 on podman rmi nosuch image * README.md: rephrase Buildah description * README: update "out of scope" section * Change exit code to 1 on podman rm nosuch container * podman-remote create|ps * remove duplicate commands in main * issue template: run `podman info --debug` * Fix play to show up in podman help * Switch defaults for podman build versus buildah * In shared networkNS /etc/resolv.conf&/etc/hosts should be shared * Allow dns settings with --net=host * Fix up handling of user defined network namespaces * Enable more podman-remote pod commands * tests, rootless: use relative path for export test * rootless: force same cwd when re-execing * Vendor Buildah v1.7 * Exit with errors not just logging error * cmd: support rootless mode for cp command * hide --latest on the remote-client * Improve command line validation * make remote-client error messaging more robust * podman: --runtime has higher priority on runtime_path * podman-remote pod inspect|exists * Cirrus: Install Go 1.11 on Ubuntu VMs * Cirrus: Add 20m extra timeout for Ubuntu * Introduce how to start to hack on libpod. * update: remove duplicate newline * Fix typo in comment * podman-remote load image * Do not make renumber shut down the runtime * Add podman system renumber command * Add ability to get a runtime that renumbers * Recreate SHM locks when renumbering on count mismatch * Move RenumberLocks into runtime init * Remove locks from volumes * Expand renumber to also renumber pod locks * Add ability to rewrite pod configs in the database * Add initial version of renumber backend * Add a function for overwriting container config * enable podman-remote pod rm * vendor containers/image v1.4 * Adjust LISTEN_PID for reexec in varlink mode * Update c/storage vendor to v1.10 release * add newline to images output * podman-remote save [image] * hack/tree_status.sh: preserve new lines * remove duplicate kill from `podman --help` * iopodman.SearchImages: add ImageSearchFilter to Varlink API * image.SearchImages: use SearchFilter type * SearchImages: extend API with filter parameter * podman-search: refactor code to libpod/image/search.go * podman-search: run in parallel * Ensure that userns is created for stopped rootless pods * Podman pod create now errors on receiving CLI args * podman-remote pull * Don't start running dependencies * Fifth chunk of Cobra Examples * Add 4th chunk of Cobra Examples * OpenTracing support added to start, stop, run, create, pull, and ps * packer: Make Makefile host arch sensitive * Add 3rd chunk of Cobra examples * pod infra container is started before a container in a pod is run, started, or attached. * Add registry name to fields returned by varlink image search * Second chunk of Cobra help * podman: honor --storage-opt again * docs: mention the new OCI runtime configuration * libpod: honor runtime_path from libpod.conf * rootless: open the correct file * Fix `podman login` lying problem * Fix error code retrieval for podman start --attach * Enable --rm with --detach * Add examples for Cobra * Add tlsVerify bool to SearchImage for varlink * Fix volume handling in podman * enable podman-remote volume prune * add build to main and as subcommand to image * --password-stdin flag in `podman login` * 'podman cp' copy between host and container * podman-remote build * Vendor in latest c/storage and c/image * show container ports of network namespace * podman-remote volume inspect|ls * build varlink without GOPATH * completions: add --pod to run/create * Parse fq name correctly for images * Try disabling --rm on notify_socket test * podman-remote push * get_ci_vm : allow running without sudo * Only build varlink when buildtag is available * Remove a lot of '--rm' options from unit tests * Address review comments on #2319 * Retain a copy of container exit file on cleanup * Fix manual detach from containers to not wait for exit * varlink: Rename `SearchImage` to `SearchImages` * varlink: Rename `ContainerInList` to `Container` * varlink: Rename `ImageInList` to `Image` * varlink: Simplify GetVersion() call * varlink: Return all times in RFC 3339 format * Makefile: Don't include quotes around GIT_COMMIT * varlink: Remove the Ping() method * podman: Show error when creating varlink listener failed * varlink: Remove `NotImplemented` type * Don't show global flags except for podman command * podman-remote volume rm * Remove urfave/cli from libpod * podman-remote volume create * Separate remote and local commands * lock and sync container before checking mountpoint * oci: do not set XDG_RUNTIME_DIR twice * pod: drop not valid check for rootless * Podman pod stats -- fix GO template output * Add troubleshooting information about running a rootless containers. * Add --all-tags to pull command * Add common_test.go to single test instructions * Remove container from storage on --force * do not crash when displaying dangling images * Add volume mounts to PS output * Update image-trust man with further comments * Migrate to cobra CLI * Remove some dead type declarations * Fix down/missing registry.access.redhat.com * cleanup: use the correct runtime * make vendor: always check for latest vndr * install.md: add section about vendoring * Add varlink generate to the make documentation * Mention OSes that pass the build * Generate make helping message dynamicaly. * Makefile: minor fix to reenable system tests * Add StartPeriod to cmd/podman/docker.HealthConfig * Unconditionally refresh storage options from config * rootless: do not override /dev/pts if not needed * Fix handling of memory limits via varlink * Add documentation on running systemd on SELinux systems * Cirrus: add vendor_check_task * cleanup vendor directory * Revert "Vendor containers/buildah" * e2e tests: sigproxy: fix rare hang condition * Preserve exited state across reboot * Apply 50min timeout to integration tests * Capatilize all usage and descriptions * Add podman system prune and info commands * podman-remote import|export * tests: allow to override the OCI runtime * rootless: copy some settings from the global configuration * Vendor containers/buildah * Increase e2e info/json test exit timeout * Touch up image-trust man * Rework Podman description * vendor latest containers/image * Reduce Dockerfile based build time for libpod. * libpod/image: Use RepoDigests() in Inspect() * add Pod Manager References * Add support for short option -f in podman version * Add support for short option -s in podman inspect * Add support for short option -f * Changes to container runlabel for toolbox project * Fix regression in ps with custom format * Set SELinux type on bin/podman after install * Cirrus: Add RHEL-7 testing * For consistency in usage output the verbs changed from 3rd person to 1st person. * podman image prune -- implement all flag * Alter varlink API for ListContainerMounts to return a map * Make --quiet work in podman create/run * apparmor: don't load default profile in rootless mode * Cirrus: Enable AppArmor build and test * Update ArchLinux installation instructions * tutorials: describe how to use podman in updates-testing * [skip ci] Cirrus: Container for tracking image use * Cirrus: Use freshly built images * remove sudo * Vendor in latest containers/storage * Show a better error message when podman info fails during a refresh * enable podman-remote version * Update transfer.md and commands.md to add missing commands. * rootless: support port redirection from the host * Mask unimplemeted commands for remote client * Vendor in latest opencontainers/selinux * podman-remote inspect * Vendor in latest containers/storage * rootless: fix --pid=host without --privileged * Do not unmarshal into c.config.Spec * podman-inspect: don't ignore errors * Add openSUSE Kubic to install.md * cirrus: Record start/end time of important things * Cirrus: Consolidate VM image names in once place * Update README for v1.0.0 * Installing podman * Ensure that wait exits on state transition * Vendor in containers/storage * Add --latest and --all to podman mount/umount * Cleanup coverity scan issues * Embed runtime struct in super localRuntime * Collaberative podman-remote container exists * Fix up `image sign` in PR 2108 * add support for podman-remote history * Rename localRuntime to runtime in cmd/podman * podman remote integrations tests * podman remote client -- add rmi * Run integrations test with remote-client * [skip ci] Hack: Fix get_ci_vm.sh w/ gcloud ssh/scp * Update master branch with v1.0 changes from 1.0 branch * Add local storage.conf example to troubleshoot * config: store the runtime used to create each container * oci: allow to define multiple OCI runtimes * libpod: allow multiple oci runtimes * Remove imageParts.{isTagged,registry,name,tag} * Clarify comments about isRegistry a bit. * Use imageParts.unnormalizedRef in GetImageBaseName * FIXME? Introduce imageParts.suspiciousRefNameTagValuesForSearch * Use imageParts.referenceWithRegistry in Image.getLocalImage * Don't try to look up local images with an explicit :latest suffix * Return a reference.Named from normalizedTag * Use reference.TagNameOnly instead of manually adding imageParts.tag in normalizeTag * Use imageParts.normalizedReference in normalizeTag * Add imageParts.normalizedReference() * Use imageparts.referenceWithRegistry in normalizeTag * Remove no longer used imageParts.assemble() * Use getPullRefPair / getSinglePullRefPairGoal in pullGoalFromPossiblyUnqualifiedName * Use imageParts.referenceWithRegistry in pullGoalFromPossiblyUnqualifiedName * Use imageParts.referenceWithRegistry in getPullRefPair * Add imageParts.referenceWithRegistry * Don't use imageParts.assemble when pulling from a qualified name * Reorganize normalizeTag * Simplify pullGoalFromPossiblyUnqualifiedName * Remove imageParts.transport * Simplify pullGoalFromPossiblyUnqualifiedName * Inline imageParts.assembleWithTransport into callers * Record the original reference.Named in imageParts * Drop image.DecomposeString, make image.Parts private imageParts again * Don't call image.DecomposeString in imageInListToContainerImage * Add bridge support, for the varlink connection * Add troubleshooting statement for homedirs mounted noexec * Set default storage options from mounts.conf file. * podman play kube: add containers to pod * Add darwin support for remote-client * vendor: update everything * vendor make target * rootless: create the userns immediately when creating a new pod * rootless: join both userns and mount namespace with --pod * spec: add nosuid,noexec,nodev to ro bind mount * Use multi-arch images in test case scripts * Add varlink support for prune * Replace tab with spaces in MarshalIndent in libpod * Remove one more usage of encoding/json in libpod * Update vendor.conf for jsoniter vendor changes * Move all libpod/ JSON references over to jsoniter * Update json-iterator vendor to v1.1.5 * Remove easyjson in preparation for switch to jsoniter * remote-client support for images * Move python code from contrib to it's own repo python-podman * Use defaults if paths are not specified in storage.conf * (Minor) Cirrus: Print timestamp at start * fix up sigstore path * Trivial readme updates * podman: bump RLIMIT_NOFILE also without CAP_SYS_RESOURCE * Fix handling of nil volumes * sign: make all error messages lowercase * sign: use filepath.Join instead of fmt.Sprintf * createconfig: always cleanup a rootless container * Fix 'image trust' from PR1899 * libpod/image: Use ParseNormalizedNamed in RepoDigests * apparmor: apply default profile at container initialization * Fix up image sign and trust * If you fail to open shm lock then attempt to create it * List the long variant of each option before its shorter counterpart * Use existing interface to request IP address during restore * Added checkpoint/restore test for same IP * Enable checkpoint test with established TCP connections * .github/ISSUE_TEMPLATE: Suggest '/kind bug' and '/kind feature' * pkg/hooks/exec: Include failed command in hook errors * hooks/exec/runtimeconfigfilter: Log config changes * hooks: Add pre-create hooks for runtime-config manipulation * Add Validate completions * Add a --workdir option to 'podman exec' * Default --sig-proxy to true for 'podman start --attach' * Test that 'podman start --sig-proxy' does not work without --attach * [WIP]Support podman image sign * vendor latest buildah * Honor image environment variables with exec * Minor: Remove redundant basename command in ooe.sh * Rename libpod.Config back to ContainerConfig * Add ability to build golang remote client * vendor latest buildah * Add the configuration file used to setup storage to podman info * Address lingering review comments from SHM locking PR * podman: set umask to 022 * podman-login: adhere to user input * Vendor in latest containers/buildah code * Rootless with shmlocks was not working. * Readd Python testing * Update vendor of runc * [skip ci] Docs: Add Bot Interactions section * container runlabel NAME implementation * Bump time for build_each_commit step * Move lock init after tmp dir is populated properly * DO NOT MERGE temporarily remove python tests * When refreshing libpod, if SHM locks exist, remove them * Ensure different error messages and creating/opening locks * Update unit tests to use in-memory lock manager * Remove runtime lockDir and add in-memory lock manager * Convert pods to SHM locks * Convert containers to SHM locking * Add lock manager to libpod runtime * Move to POSIX mutexes for SHM locks * Disable lint on SHMLock struct * Refactor locks package to build on non-Linux * Add an SHM-backed Lock Manager implementation * Add interface for libpod multiprocess locks * Improve documentation and unit tests for SHM locks * Propogate error codes from SHM lock creation and open * Add mutex invariant to SHM semaphores. * Initial skeleton of in-memory locks * add container-init support * If local storage file exists, then use it rather then defaults. * vendor in new containers/storage * Fix completions * Touch up some troubleshooting nits * Warn on overriding user-specified storage driver w/ DB * Log container command before starting the container * Use sprintf to generate port numbers while committing * Add troubleshooting for sparse files * Fix handling of symbolic links * podman build is not using the default oci-runtime * Re-enable checkpoint/restore CI tests on Fedora * Fixes to handle /dev/shm correctly. * rootless tests using stop is more reliable * Allow alias for list, ls, ps to work * Refactor: use idtools.ParseIDMap instead of bundling own version * cirrus: Use updated images including new crui * Switch all referencs to image.ContainerConfig to image.Config * Allow users to specify a directory for additonal devices * Change all 'can not' to 'cannot' for proper usage * Invalid index for array * Vendor in latest psgo code to fix race conditions * test: add test for rootless export * export: fix usage with rootless containers * rootless: add function to join user and mount namespace * libpod: always store the conmon pid file * Use existing CRIU packages in CI setup * skip test for blkio.weight when kernel does not support it * Add Play * Cirrus: Skip build all commits test on master * prepare for move to validate on 1.11 only * [skip ci] Gate: Update docs w/ safer local command * Support podman image trust command * Makefile: validate that each commit can at least build * perf test a stress test to profile CPU load of podman * all flakes must die * Add information on --restart * generate service object inline * Cirrus: One IRC notice only * docs/tutorials: add a basic network config * display proper error when rmi -fa with infra containers * add --get-login command to podman-login. * Show image only once with images -q * Add script to create CI VMs for debugging * Cirrus: Migrate PAPR testing of F28 to Cirrus * Skip checkpoint tests on Fedora <30 * Cirrus: Add text editors to cache-images * Bump gitvalidation epoch * Bump to v0.12.2-dev * Clean up some existing varlink endpoints * mount: allow mount only when using vfs - Changelog for v1.0.0 (2018-1-11) * Update release notes for v1.0 * Remove clientintegration from Makefile * Regenerate EasyJSON to fix JSON issues * Update gitvalidation to avoid reverts w/o signoffs * Cirrus: Post-Merge Testing for v1.0 Branch * Move python code from contrib to it's own repo python-podman * Use defaults if paths are not specified in storage.conf * (Minor) Cirrus: Print timestamp at start * fix up sigstore path * Trivial readme updates * podman: bump RLIMIT_NOFILE also without CAP_SYS_RESOURCE * Fix handling of nil volumes * sign: make all error messages lowercase * sign: use filepath.Join instead of fmt.Sprintf * createconfig: always cleanup a rootless container * Fix 'image trust' from PR1899 * libpod/image: Use ParseNormalizedNamed in RepoDigests * apparmor: apply default profile at container initialization * Fix up image sign and trust * List the long variant of each option before its shorter counterpart * Use existing interface to request IP address during restore * Added checkpoint/restore test for same IP * Enable checkpoint test with established TCP connections * .github/ISSUE_TEMPLATE: Suggest '/kind bug' and '/kind feature' * pkg/hooks/exec: Include failed command in hook errors * hooks/exec/runtimeconfigfilter: Log config changes * hooks: Add pre-create hooks for runtime-config manipulation * Add Validate completions * Add a --workdir option to 'podman exec' * Default --sig-proxy to true for 'podman start --attach' * Test that 'podman start --sig-proxy' does not work without --attach * [WIP]Support podman image sign * vendor latest buildah * Honor image environment variables with exec * Minor: Remove redundant basename command in ooe.sh * Rename libpod.Config back to ContainerConfig * Add ability to build golang remote client * vendor latest buildah * Add the configuration file used to setup storage to podman info * podman: set umask to 022 * podman-login: adhere to user input * Vendor in latest containers/buildah code * Readd Python testing * Update vendor of runc * [skip ci] Docs: Add Bot Interactions section * container runlabel NAME implementation * Bump time for build_each_commit step * add container-init support * If local storage file exists, then use it rather then defaults. * vendor in new containers/storage * Fix completions * Touch up some troubleshooting nits * Log container command before starting the container * Use sprintf to generate port numbers while committing * Add troubleshooting for sparse files * Fix handling of symbolic links * podman build is not using the default oci-runtime * Re-enable checkpoint/restore CI tests on Fedora * Fixes to handle /dev/shm correctly. * rootless tests using stop is more reliable * Allow alias for list, ls, ps to work * Refactor: use idtools.ParseIDMap instead of bundling own version * cirrus: Use updated images including new crui * Switch all referencs to image.ContainerConfig to image.Config * Allow users to specify a directory for additonal devices * Change all 'can not' to 'cannot' for proper usage * Invalid index for array * Vendor in latest psgo code to fix race conditions * test: add test for rootless export * export: fix usage with rootless containers * rootless: add function to join user and mount namespace * libpod: always store the conmon pid file * Use existing CRIU packages in CI setup * skip test for blkio.weight when kernel does not support it * Add Play * Cirrus: Skip build all commits test on master * prepare for move to validate on 1.11 only * [skip ci] Gate: Update docs w/ safer local command * Support podman image trust command * Makefile: validate that each commit can at least build * perf test a stress test to profile CPU load of podman * all flakes must die * Add information on --restart * generate service object inline * Cirrus: One IRC notice only * docs/tutorials: add a basic network config * display proper error when rmi -fa with infra containers * add --get-login command to podman-login. * Show image only once with images -q * Add script to create CI VMs for debugging * Cirrus: Migrate PAPR testing of F28 to Cirrus * Skip checkpoint tests on Fedora <30 * Cirrus: Add text editors to cache-images * Clean up some existing varlink endpoints * mount: allow mount only when using vfs - Changelog for v0.12.1.2 (2018-12-13) * Add release notes for 0.12.1.2 * runlabel should sub podman for docker|/usr/bin/docker * condition fixed for adding volume to boltdb. * e2e: add tests for systemd * Add test for sharing resolv and hosts with netns * Makefile tweaks to fix make shell * failed containers with --rm should remove themselves * Fix documentation links and flow * Set Socket label for contianer * Containers sharing a netns should share resolv/hosts * Prevent a second lookup of user for image volumes * fix typo in kubernetes * No need to use `-i` in go build (with go 1.10 and above) * rootless: fix restart when using fuse-overlayfs * Cirrus: Update base-image build docs * Add capabilities to generate kube * disable F29 tests on PAPR * Ensure storage options are properly initialized * add more example usage to varlink endpoints * Update for API change * Vendor buildah after merging mtrmac/blob-info-caching-on-top-of-contents-caching * Vendor c/image after merging c/image#536 * Bump gitvalidation epoch * Bump to v0.12.2-dev - Changelog for v0.12.1.1 (2018-12-07) * Update release notes for v0.12.1.1 * Fix errors where OCI hooks directory does not exist * add timeout to pod stop * Remove manual handling of insecure registries in (podman search) * Fix reporting the registries.conf path on error * Remove manual handling of insecure registries in doPullImage * Remove the forceSecure parameter on the pull call stack * Remove manual handling of insecure registries in PushImageToReference * Factor out the registries.conf location code in pkg/registries * Remove the forceSecure parameter of Image.PushImageTo* * Minimally update for the DockerInsecureSkipTLSVerify type change * Bump gitvalidation epoch * Bump to v0.12.2-dev * Fix build on non-Linux * Remove some unused data structures and code * Vendor buildah after merging https://github.com/containers/buildah/pull/1214 * Update containers/image to 63a1cbdc5e6537056695cf0d627c0a33b334df53 * Cirrus: Document and codify base-image production * Cirrus: Use Makefile for image-building * Refactor BooleanAction to mimic golang interface * generate kube - Changelog for v0.12.1 (2018-12-06) * Update release notes for 0.12.1 * bind mount /etc/resolv.conf|hosts in pods * Remove --sync flag from `podman rm` * Add locking to Sync() on containers * Add --sync flag to podman ps * Add --sync option to podman rm * Tests for podman volume commands * Add "podman volume" command * tutorial: add ostree dependency * Pick registry to login from full image name as well * Add ability to prune containers and images * Invert tlsverify default in API * set .54 version for f28 due to memory error * Vendor in latest containers/storage * pkg/lookup: Return ID-only pointers on ErrNo*Entries * test for rmi with children * libpod/container_internal_linux: Allow gids that aren't in the group file * Don't initialize CNI when running as rootless * correct algorithm for deleting all images * Use runtime lockDir in BoltDB state * test: update runc again * vendor: update containers/storage * create pod on the fly * libpod/container_internal: Deprecate implicit hook directories * Revert changes to GetDefaultStoreOptions * Fix libpod static dir selection when graphroot changed * podman pod exists * Adding more varlink endpoints * Ensure directory where we will make database exists * Fix typo * rootless: raise error if newuidmap/newgidmap are not installed * Add better descriptions for validation errors in DB * Fix gofmt and lint * Make locks dir in unit tests * Do not initialize locks dir in BoltDB * Move rootless storage config into libpod * Set default paths from DB if not explicitly overridden * Add a struct indicating if some Runtime fields were set * Make DB config validation an explicit step * Move DB configuration up in runtime setup * Add ability to retrieve runtime configuration from DB * Add short-option handling to logs * tests: always install runc on Ubuntu * cirrus: update ubuntu image * cirrus: make apt noninteractive * Dockerfile, .cirrus.yml: update runc commit * rootless: propagate XDG_RUNTIME_DIR to the OCI runtime * Update ubuntu VM image w/ newer runc * add pod short option to ps * Add create test with --mount flag * Only include container SizeRootFs when requested * /dev/shm should be mounted even in rootless mode. * disable checkpoint tests on f29 * test, rootless: specify USER env variable * Revert "downgrade runc due a rootless bug" * Fix completions to work with podman run command * hide kube command for now * pypod create/run: ignore args for container command * Add support for --all in pypodman ps command * Fixes #1867 * tests: fix NOTIFY_SOCKET test * Fix golang formatting issues * oci: propagate NOTIFY_SOCKET on runtime start * test: fix test for NOTIFY_SOCKET * Add test to ensure stopping a stopped container works * Stopping a stopped container is not an error for Podman * Disable mount options when running --privileged * Vendor in latest containers/storage * util: use fsnotify to wait for file * vendor: update selinux * rootless: store only subset of storage.conf * rootless: fix cleanup * network: allow slirp4netns mode also for root containers * Added more checkpoint/restore test cases * Fix podman container restore -a * Update bash completion for checkpoint/restore * Add '--tcp-established' to checkpoint/restore man page * Added tcp-established to checkpoint/restore * Remove unused CRIU_COMMIT variable * Point CRIU_COMMIT to CRIU release 3.11 * Updated CRIO_COMMIT to pull in new conmon for CRIU * Use also a struct to pass options to Restore() * _split_token(): handle None * Use host's resolv.conf if no network namespace enabled * rootless: add new netmode "slirp4netns" * tests: change return type for PodmanAsUser to PodmanTestIntegration * test: cleanup CNI network used by the tests * exec: don't wait for pidfile when the runtime exited * Remove mount options relatime from podman run --mount with shared * Update test case name to podman run with --mount flag * Add some tests for --ip flag with run and create command * Add history and namespaceoptions to image inspect * add podman container|image exists * set root propagation based on volume properties * Actually set version for podman module / pypodman * implement --format for version command * podman_tutorial.md typos: arguement -> argument; missing 'a' * Load NAT modules to fix tests involving CRIU * Vendor in latest containers/buildah * Update checkpoint/restore man pages * Added option to keep containers running after checkpointing * Use a struct to pass options to Checkpoint() * exec: always make explicit the tty value * Allow users to expose ports from the pod to the host * Improve speed of containers.list() * output libpod container to kubernetes yaml * rootless: create empty mounts.conf if it doesn't exist * registries: check user registries file only in rootless mode * rootless: create storage.conf when it doesn't exist * rootless: create libpod.conf when it doesn't exist * Don't use $HOST and $USER variables for remote * Implement pypodman start command * runlabel: use shlex for splitting commands * Add a rule to compile system test in Makefile * Fix no-new-privileges test * The system test write with ginkgo * Separate common used test functions and structs to test/utils * Add version command to pypodman * Bump gitvalidation epoch * Bump to v0.11.2-dev * Cirrus: Add documentation for system-testing * Cirrus: Simplify optional system-test script * Cirrus: Reveal magic, parallel system-testing * libpod should know if the network is disabled * Lint: Silence few given goconst lint warnings * Lint: Extract constant unknownPackage * Lint: Tests: add missing assertions * Lint: Do not ignore errors from docker run command when selinux enabled * Lint: InspectImage varlink api should return errors that occurred * Lint: Exclude autogenerated files from lint test * Lint: Update metalinter dependency * Set --force-rm for podman build to true by default * Vendor in latest containers/storage - Changelog for v0.11.1.1 (2018-11-15) * Vendor in containers/storage * Add release notes for 0.11.1.1 * Increase pidWaitTimeout to 60s * Cirrus: Add master branch testing status badge * rootless: call IsRootless just once * Bump golang to v1.10 in install.md * Standardized container image for gofmt and lint * Make list of approvers same as reviewers * vendor: update ostree-go * vendor.conf: fix typo * Cleanup podman spec to not show git checkout is dirty * Add space between num & unit in images output * Update troubleshooting guide to deal with rootless path * troubleshooting.md: add a recipe for rootless ping * remove $-prefix from (most) shell examples * docs: Fix duplicated entry for pod-container-unmount * Better document rootless containers * info: add rootless field * Accurately update state if prepare() partially fails * Do not hide errors when creating container with UserNSRoot * rm -f now removes a paused container * correct assignment of networkStatus * podman_tutorial: cni build path has changed * Bump gitvalidation epoch * Bump to v0.11.2-dev * Cirrus: Ignore any error from the IRC messenger * rootless: default to fuse-overlayfs when available - Changelog for v0.11.1 (2018-11-08) * Update release notes for 0.11.1 * update seccomp.json * Touch up --log* options and daemons in man pages * Fix run --hostname test that started failing post-merge * move defer'd function declaration ahead of prepare error return * Don't fail if /etc/passwd or /etc/group does not exists * Print error status code if we fail to parse it * Properly set Running state when starting containers * Fix misspelling * Retrieve container PID from conmon * If a container ceases to exist in runc, set exit status * EXPERIMENTAL: Do not call out to runc for sync * Actually save changes from post-stop sync * rootless: mount /sys/fs/cgroup/systemd from the host * rootless: don't bind mount /sys/fs/cgroup/systemd in systemd mode * Add hostname to /etc/hosts * Temporarily fix the Python tests to fix some PRs * Remove conmon cgroup before pod cgroup for cgroupfs * Fix cleanup for "Pause a bunch of running containers" * --interactive shall keep STDIN attached even when not explicitly called out * Do never override podman with docker * Make kill, pause, and unpause parallel. * Fix long image name handling * Make restart parallel and add --all * Add ChangeAction to parse sub-options from --change * replace quay.io/baude to quay.io/libpod * Change humanize to use MB vs MiB. * allow ppc64le to pass libpod integration tests * Cirrus-CI: Add option to run system-tests * Cirrus: Skip rebuilding images unless instructed * Cirrus: Disable image build job abort on push * Cirrus: Add a readme * Ubuntu VM image build: try update twice * Cirrus: Enable updating F28 image * rootless: do not add an additional /run to runroot * rootless: avoid hang on failed slirp4netns * Fix setting of version information * runtime: do not allow runroot longer than 50 characters * attach: fix attach when cuid is too long * truncate command output in ps by default * Update the runc commit used for testing * make various changes to ps output * Sync default config with libpod.conf * Use two spaces to pad PS fields * unmount: fix error logic * get user and group information using securejoin and runc's user library * CONTRIBUTING.md: add section about describing changes * Change to exported name in ParseDevice * Vendor in latest containers/storage * fix bug in rm -fa parallel deletes * Ensure test container in running state * Add tests for selinux labels * Add --max-workers and heuristics for parallel operations * Increase security and performance when looking up groups * run prepare in parallel * downgrade runc due a rootless bug * runlabel: run any command * Eat our own dogfood * vendor: update containers/storage * Add support for /usr/local installation * create: fix writing cidfile when using rootless * Explain the device format in man pages * read conmon output and convert to json in two steps * Cirrus: Use images w/ buildah fix * Add --all and --latest to checkpoint/restore * Use the newly added getAllOrLatestContainers() function * Use the new checkAllAndLatest() function * Also factor out getAllOrLatestContainers() function * Add checkAllAndLatest() function * Downgrade code to support python3.4 * Allow containers/storage to handle on SELinux labeling * Use more reliable check for rootless for firewall init * Vendor in latest containers/storage opencontainers/selinux * Make podman ps fast * Support auth file environment variable in podman build * fix environment variable parsing * tests: use existing CRIU version check * Use the CRIU version check in checkpoint/restore * Add helper function to read out CRIU version * vendor in go-criu and dependencies * oci: cleanup process status * Handle http/https in registry given to login/out * re-enable f29 testing * correct stats err with non-running containers * Use restoreArtifacts to save time in integration tests * Make rm faster * Fix man page to show info on storage * Move rootless directory handling to the libpod/pkg/util directory * Fix podman port -l * Fix trivial missing markup in manpage * Cirrus: Install CRIU in test images * Cirrus: Use different CNI_COMMIT for Fedora * Fix Cirrus/Packer VM image building * Revert "Cirrus: Enable debugging delay on non-zero exit" * Cirrus: IRC message when cirrus testing successful * cirrus: Add simple IRC messenger * fix NOTIFY_SOCKET in e2e testfix NOTIFY_SOCKET in e2e tests * Bump gitvalidation epoch * Bump to v0.10.2-dev - Changelog for v0.10.1.3 (2018-10-17) * Update release notes for 0.10.1.3 * Vendor in new new buildah/ci * Fix podman in podman * Bump gitvalidation epoch * Bump to v0.10.2-dev - Changelog for v0.10.1.2 (2018-10-17) * Update release notes for 0.10.1.2 * Fix CGroup paths used for systemd CGroup mount * Bump gitvalidation epoch * Bump to v0.10.2-dev - Changelog for v0.10.1.1 (2018-10-16) * Update release notes for 0.10.1.1 * Mount proper cgroup for systemd to manage inside of the container. * Cirrus: Enable debugging delay on non-zero exit * Touchup fileo typo * volume: resolve symlinks in paths * volume: write the correct ID of the container in error messages * vendor: update containers/buildah * papr: relabel GOPATH/github.com/containers/libpod * tests: do not fail in the cleanup phase * tests: do not make assumptions on the mount output * papr_prepare: remove double process for starting up .papr.sh * Add support for pod commands * Support auth file environment variable & add change to man pages * Generate a passwd file for users not in container * Bump gitvalidation epoch * Bump to v0.10.2-dev - Changelog for v0.10.1 (2018-10-11) * Swap from map to channels for podman stop workers * Add release notes for 0.10.1 * Pass along syslog variable to podman cleanup processes * Sort all command flags * rootless: detect when user namespaces are not enabled * Log an otherwise ignored error from joining a net ns * Fix gofmt * Add tests for --ip flag * Update manpages for --ip flag * Add --ip flag and plumbing into libpod * Document --net as an alias of --network in podman run & create * Update OCICNI vendor to 2d2983e4 * Temporary commit to swap branches * rootless: report more error messages from the startup phase * rootless: fix an hang on older versions of setresuid/setresgid * Update OCICNI vendor to e617a611 * fix runlabel functions based on QA feedback * Vendor latest containers/image * Stop containers in parallel fashion * wip * remove hack/dind * Vendor in latest github.com/containers/storage,image, buildah * runlabel: execute /proc/self/exe and avoid recursion * Re-add source-verify in cirrus-ci * added links to buildah.io and podman.io to README.md * Lower CPU/Memory usage by cirrus VMs * skip userns tests on non-fedora distributions for now * Remove Travis * docker: Double quote array expansions to avoid re-splitting elements * Ensure resolv.conf has the right label and path * Remove no longer used libnetwork from vendor.conf * Fix lint * Drop libnetwork vendor and move the code into pkg/ * Update libnetwork vendor to current master to fix CI * Switch to using libnetwork's resolvconf package * Add configuration for Cirrus-CI * disable gce building of images * re-add BR for golang compiler to contrib/spec/podman.spec.in * completions: add checkpoint/restore completions * tests: add checkpoint/restore test * tutorial: add checkpoint/restore to tutorial * docs: add checkpoint and restore man pages * Add support to checkpoint/restore containers * oci: split the stdout and stderr pipes * oci: always set XDG_RUNTIME_DIR * Fix pod status reporting for new Exited state * Add ability for ubuntu to be tested * selinux: drop superflous relabel * rootless: always set XDG_RUNTIME_DIR * Fix python tests * Fix Wait() to allow Exited state as well as Stopped * Fix cleanupRuntime to only save if container is valid * Fix bug with exited state and container remove * Address review comments and fix ps output * Add ContainerStateExited and OCI delete() in cleanup() * Need to allocate memory for hook struct * Disable SELinux labeling if --privileged * * Update documenation * Implement pod varlink bindings * Update docs to build a runc that works with systemd * runtime: fix message which assumes the runtime is runc * rootless: raise an error when trying to use cgroups * Add --all flag to podman kill * Add podman.io to README.md * Vendor in the latest containers/storage, image and buildah * Don't tmpcopyup on systemd cgroup * Add container runlabel command * run complex image names with short names * Add buildah version and distribution to info * Disable Fedora 29 and CentOS7 VM testing * podman runs disabled containers and privileged containers as spc_t * Update the OWNERS file so bot assigns sane reviewers * rework CI tests to test on VMs * Put openshift dockerfiles in test/install * Bump gitvalidation epoch * Bump to v0.9.4-dev * contrib/python/*/Makefile: Fallback to unversioned 'python' * Makefile: Drop PYTHON * Makefile: Call contrib/python's clean regardless of HAS_PYTHON3 - Changelog for v0.9.3.1 (2018-09-25) * Update release notes for 0.9.3.1 * Disable problematic SELinux code causing runc issues * Bump gitvalidation epoch * Bump to v0.9.4-dev - Changelog for v0.9.3 (2018-09-21) * Update release notes for 0.9.3 * Add --mount option for `create` & `run` command * Refactor Wait() to not require a timeout * Updates from reviews * Implement new subcommands * Don't mount /dev/shm if the user told you --ipc=none * rootless: error out if there are not enough UIDs/GIDs available * Vendor in latest containers/buildah * rootless: fix create with images not in the storage * rootless: skip usage of filepath.Join * create, rootless: join the userns of ns:PATH * create, rootless: join the userns of container:CONTAINER * spec: refactor ns modes to a common interface * Don't output inodes created to run a container * Add rpmbuild to the openshift fedora test image * Add new field to libpod to indicate whether or not to use labelling * Bind Mounts should be mounted read-only when in read-only mode * test, rootless: enforce cgroupfs manager * report when rootless * add the gopath environment variable to the openshift dockerfile * Vendor in latest opencontainers/runtime-tools * Add python-varlink to the Fedora openshift image * Add Dockerfile for openshift lint, gofmt, and validate testing * Vendor in latest containers/buildah * Don't crash if an image has no names * Replace all usages of "install -D" with "install -d" * Increase pidWaitTimeout to 1000ms * Small updates to OCI spec generation * Add new tests for ipc namespace sharing * Hooks supports two directories, process default and override * Bump gitvalidation epoch * Bump to v0.9.3-dev - Changelog for v0.9.2.1 (2018-09-17) * Update release notes for 0.9.2.1 * Vendor in latest projectatomic/buildah * Vndr latest containers/image * Bump gitvalidation epoch * Bump to v0.9.3-dev - Changelog for v0.9.2 (2018-09-14) * Update release notes for 0.9.2 * change search test to look for fedora and not fedora-minimal * Don't mount /dev/* if user mounted /dev * add registry information to varlink info * libpod/image/pull: Return image-pulling errors from doPullImage * Update gitvalidation epoch to avoid a bad commit * Update README to reflect current development efforts * rootless: do not raise an error if the entrypoint is specified * Add Buildah Podman relationship to README.md * Swap default mount propagation from private to rprivate * Add a way to disable port reservation * Add notes to check version on problem * Do not set rlimits if we are rootless * Up default Podman rlimits to avoid max open files * Search registries with an empty query * Vendor in latest containers/image * Remove duplicate code between create.go and run.go * Add --interval flag to podman wait * Add `podman rm --volumes` flag * Vendor in latest containers/storage to eliminage deadlock * do not build with devicemapper * run different cgroup tests depending on conditions * dont make python when running make * Explicitly set default CNI network name in libpod.conf * Pass on securityOpts from podInfraContainer to container added to pod. * Bump gitvalidation epoch * Bump to v0.9.2-dev - Changelog for v0.9.1.1 (2018-09-10) * Update release notes for 0.9.1.1 * Replace existing iptables handler with firewall code * Vendor CNI plugins firewall code * Fix displaying size on size calculation error * Bump gitvalidation epoch * Bump to v0.9.2-dev - Changelog for v0.9.1 (2018-09-07) * Update RELEASE_NOTES for 0.9.1 release * Fix pod sharing for utsmode * Respect user-added mounts over default spec mounts * Ensure we do not overlap mounts in the spec * Change references to cri-o to point at new repository * fix docs for podman build * use layer cache when building images * Add first pass for baseline pod tests * Change shm test to be less flaky. * Update WaitForTimeOut to output OutputString to help with debugging. * Fixups for baseline test script * Fix nameing of Namespaces to be more consistent * Start pod infra container when pod is created * vendor containerd/cgroups * Fix up libpod.conf man pages and referencese to it. * Print errors from individual pull attempts * Added GOPATH/bin to PATH install.md * We should fail Podman with ExitCode 125 by default * Add CRI logs parsing to podman logs * rmi remove all not error when no images are present * rootless: check uid with Geteuid() instead of Getuid() * rootless, tests: add tests for the pod command * rootless, create: support --pod * rootless, run: support --pod * rootless: create compatible pod infra container * rootless: be in an userns to initialize the runtime * commandNotFoundHandler: use stderr and exit code 1 * Bump gitvalidation epoch * Bump to v0.9.1-dev * Update release notes for 0.8.5 - Changelog for v0.8.5 (2018-08-31) * Add proper support for systemd inside of podman * We are mistakenly seeing repos as registries. * container: resolve rootfs symlinks * Up time between checks for podman wait * Turn on test debugging * Add support for remote commands * fixup A few language changes and subuid(5) * Make the documentation of user namespace options in podman-run clearer * pod create: restore help flag * catch command-not-found errors * don't print help message for usage errors * Vendor in latest containers/storage and containers/image * add conmon to copr spec * docs: consistent format for example * docs: consistent headings * docs: make HISTORY consistent * docs: fix headers * varlink: fix --timeout usage * run/create: reserve `-h` flag for hostname * podman,varlink: inform user about --timeout 0 * rootless: show an error when stats is used * rootless: show an error when pause/unpause are used * rootless: unexport GetUserNSForPid * rootless, exec: use the new function to join the userns * rootless: fix top * rootless: add new function to join existing namespace * Vendor in latest projectatomic/buildah * Set nproc in containers unless explicitly overridden * Do not set max open files by default if we are rootless * Set default max open files in spec * Resolve /etc/resolv.conf before reading * document `--rm` semantics * allow specification of entrypoint in the form of a slice * Test RPM build and install for regressions * rootless, search: do not create a new userns * rootless, login, logout: do not create a new userns * rootless, kill: do not create a new userns * rootless, stop: do not create a new userns * Ensure return errors match API docs * Fix manpage to note how multiple filters are combined * Fix handling of multiple filters in podman ps * Fix Mount Propagation * docs: add containers-mounts.conf(5) * docs: use "containers-" prefix for registries and storage * rootless: fix --pid=host * rootless: fix --ipc=host * spec: bind mount /sys only when userNS are enabled * rootless, tests: add test for --uts=host * Dockerfile.Fedora: install slirp4netns * rootless: don't use kill --all * rootless: exec handle processes that create an user namespace * rootless: fix exec * Move whale-says test to end of baseline * Bump gitvalidation epoch * Bump to v0.8.5-dev - Changelog for v0.8.4 (2018-08-24) * Add release notes * Regenerate easyjson after rebase * Vendor easyjson code to fix build * Swap from FFJSON to easyjson * Make 'make clean' remove FFJSON generated code * rootless: allow to override policy.json by the user * add completion for --pod in run and create * Fixed formatting and lowered verbosity of pod ps * Do not try to enable AppArmor in rootless mode * exposes tcp port only if no proto specified. * rpm-spec: use skopeo-containers instead of containers-common * Reveal information about container capabilities * Vendor in latest projectatomic/buildah * Refactor error checking in With*NSFromPod options * Fixing network ns segfault * Change pause container to infra container * Support pause containers in varlink * Added option to share kernel namespaces in libpod and podman * Changed GetContainerStats to return ErrCtrStateInvalid * Add GetPodStats to varlink * rpm-spec: update distro-specific dependencies * Add podman pod top * Include pod stats and top in commands/completions * Vendor changes to psgo * Fix syntax description of --ulimit command * Swap test image in exec test to fedora for useradd * Add tests for exec --user * Properly translate users into runc format for exec * test: ad more tests for rootless containers * rootless: fix --net host --privileged * Fix a bug with hook ALWAYS matching with a process * Fixed segfault in stats where container had netNS none or from container * Enable pod stats with short ID and name * Touch up cert-dir in man pages * make dbuild fixed on ubuntu/debian * vendor latest github.com/urfave/cli * Add retry decorator for flakey tests * Update error message from reviews * Support Attach subcommand in pypodman * Fix handling of devices * tutorial: point to containers/skopeo * point to containers/skopeo * install.md: point to containers/libpod * Bump gitvalidation epoch * Bump to v0.8.4-dev - Changelog for v0.8.3 (2018-08-17) * Make failure to retrieve individual ctrs/pods nonfatal * Mention that systemd is the default cgroup manager * Add dependency for python3-psutil module * Vendor in latest buildah and imagebuilder * Don't fail on size. * Fix handling of socket connection refusal. * podman: fix --uts=host * podman pod stats * Added helper function for libpod pod api calls * CreatePod args now PodCreate structure * Added reason to PodContainerError * Change batchcontainer to shared * Add Pod API to varlink. * Change pod varlink API. * Moved getPodStatus to pod API to be used in varlink * Vendor in latest containers/psgo code * switch projectatomic to containers * Revert "spec: bind mount /sys only for rootless containers" * Suport format param for varlink Commit * Fix segfault in top when -l and no args are passed * Document STORAGE_DRIVER and STORAGE_OPTS environment variable * podman.spec: recommend slirp4netns * Do not 'make all' on Travis for Linux * Fix build on non-Linux OSes * Create pod CGroups when using the systemd cgroup driver * Switch systemd default CGroup parent to machine.slice * spec: bind mount /sys only for rootless containers * build, rootless: specify IsolationOCIRootless * vendor: update buildah version * Fix handling of hostname in --net=host * Updated pod_api to reflect function spec * Add create and pull commands * rootless: not require userns for help/version * pkg/apparmor: use a pipe instead of a tmp file * pkg/apparmor: move data under Linux/apparmor buildtags * pkg/apparmor: move all linux-code into apparmor_linux* * podman in rootless mode will only work with cgroupfs at this point. * when searching, survive errors for multiple registries * Remove unused function in runtime.go * Fix papr tests by forcing cgroupfs in CI * Bump gitvalidation epoch * Bump to v0.8.3-dev - Changelog for v0.8.2.1 (2018-08-11) * Ensure pod inspect is locked and validity-checked * Further fix tests * Bump gitvalidation epoch * Bump to v0.8.3-dev * Fix python tests again * Fix python tests to use cgroupfs * Fix typo breaking tests * Force cgroupfs for python tests * Swap default CGroup manager to systemd * Only use cgroupfs for containerized tests * Temporarily force all tests to use cgroupfs driver - Changelog for v0.8.2 (2018-08-10) * We need to sort mounts so that one mount does not over mount another. * search name should include registry * Split pod.go into 3 files * Make errors during refresh nonfatal * Add batch check to container stats lock * removeContainer: fix deadlock * Add FFJSON to build container * Don't require .gopathok for individual FFJSON targets * Add FFJSON generation to makefile * Re-add FFJSON for container and pod structs * Fixed a bug setting dependencies on the wrong container * Always connect to the stdout and stderr of stream * apparmor: respect "unconfined" setting * oci.go: syslog: fix debug formatting * add podman pod inspect * Fix ambiguity in adding localhost to podman save * Fix CGroupFS cgroup manager cgroup creation for pods * Update Conmon commit for testing * Pass newly-added --log-level flag to Conmon * Cleanup man pages * Improve ps handling of container start/stop time * rootless: fix user lookup if USER= is not set * enabled copr epel builds again * Handle yum and dnf * Test regressions against the RPM spec file * Pass DESTDIR down to python Makefile * Add dpkg support for returning oci/conmon versions * Have info print conmon/oci runtime information * Better pull error for fully-qualified images * Stub varlink pod methods. * Remove inotify work around * Rename varlink socket and interface * Change tarball filename in copr prepare and match short-commit length * Add Runc and Conmon versions to Podman Version * update copr spec, lets get it building again * Add missing dependencies to build system * Port to MacOS * Make one runtime for the varlink service * Bump gitvalidation epoch * Bump to v0.8.2-dev - Changelog for v0.8.1 (2018-08-03) * Vendor in latest github.com/projectatomic/buildah * Update gitvalidation epoch * Check for missing arguments in /proc/self/cmdline * Added ps --pod option * clarify pull error message * rootless: do not set setgroups to deny when using newuidmap * Man page fixes found by https://pagure.io/ManualPageScan * Inline pullGoalNamesFromPossiblyUnqualifiedName into Runtime.pullGoalFromPossibly... * Replace getPullRefName by Runtime.getPullRefPair * Inline pullGoalNamesFromImageReference back into Runtime.pullGoalFromImageReference * Introduce getSinglePullRefNameGoal * Test Runtime.pullGoalFromPossiblyUnqualifiedName instead of pullGoalNameFrom... * Test Runtime.pullGoalFromImageReference instead of pullGoalNamesFromImageReference * Use REGISTRIES_CONFIG_PATH for all tests * rootless: do not segfault if the parent already died * RFC: Rename runtime.pullImage to runtime.pullImageFromHeuristicSource * Introduce Runtime.pullImageFromReference, call it in Runtime.FromImageReference * RFC: Remove unused transport name constants from libpod * Replace Runtime.LoadFromArchive with Runtime.LoadFromArchiveReference * Rename the "image" variable to "imageName" * Fix the heuristic for docker-archive: sources in (podman pull) * Split doPullImage from pullImage * Remove the forceCompress parameter from getCopyOptions and DRO.GetSystemContext * Remove the authFile parameter from getCopyOptions and DRO.GetSystemContext * Remove the signaturePolicyPath parameter from getCopyOptions and DRO.GetSystemContext * Add a *types.SystemContext parameter to getCopyOptions and DRO.GetSystemContext * Move pullImage from Image to Runtime * Do not re-parse the list of search registries just for an error message * Eliminate duplicate determination whether to use search registries * Eliminate the "DockerArchive means pull all refPairs" special case * Introduce struct pullGoalNames * Introduce struct pullGoal * Use []pullRefPair instead of []*pullRefPair * Use []pullRefName instead of []*pullRefName * Introduce singlePullRefNameGoal * Use an early return from refNamesFromPossiblyUnqualifiedName * RFC: Rename Image.PushImage to Image.PushImageToHeuristicDestination * Remove an unnecessary use of alltransports.ParseImageName * RFC? Hard-code "format" string values instead of using libpod.* transport names * Use PushImageToReference for (podman save) * Call imageNameForSaveDestination while creating the references * Exit early in the simple case in imageNameForSaveDestination * Rename parameters of imageNameForSaveDestination * Split imageNameForSaveDestination from saveCmd * Split a single if statement into two. * Move source handling before destination parsing * Split Image.PushImageToReference from Image.PushImage * Don't format to string and re-parse a DockerReference() * Remove the :// end from DockerTransport * Remove the TransportNames arrays * Document the properties of DefaultTransport a bit better. * Eliminate the "dest" variable. * Use an early exit if a docker-archive: image has no repo tags * Reorganize the tag loading in DockerArchive case * Return early in refNamesFromImageReference instead of appending to pullNames * Use srcRef.StringWithinTransport() instead of parsing imgName again * Use a switch instead of if/if else/.../else * Remove the error return value from getPullRefName * Rename getPullListFromRef to refPairsFromImageReference * Split refNamesFromImageReference from Runtime.getPullListFromRef * Replace getPullRefPair with getPullRefName * Include the rejected reference when parsing it fails in pullRefPairsFromRefNames * Add --force to podman umount to force the unmounting of the rootfs * Integration Test Improvements #3 * Ensure container and pod refresh picks up a State * Fix build on non-linux platforms * Rework state testing to allow State structs to be empty * Add additional comments on accessing state in API * Do not fetch pod and ctr State on retrieval in Bolt * network: add support for rootless network with slirp4netns * varlink ImageRemove should always return image ID * Add documentations on how to setup /etc/subuid and /etc/subgid * Integration Test Improvements #2 * avoid spewing fds do to restore of cached images * Add load test for xz compressed images * Speed up test results * Show duration for each ginkgo test and test speed improvements * vendor: update containers/storage * Clean up pylint warnings and errors for podman * podman rmi shouldn't delete named referenced images * Bump gitvalidation epoch * Bump to v0.8.1-dev - Changelog for v0.7.4 (2018-07-27) * Add pod pause/unpause * Fix up docker compatibility messages * Update vendored version of runc,buildah,containers/image * Refactored method of getting pods * Fix godoc comment in pkg/netns * Fix handling of Linux network namespaces * Update containernetworking/plugins to current master * Cleanup descriptions and help information * Skip seccomp-dependent tests on non-Linux * Use the Linux version BoltState.getContainerFromDB on all platforms. * Split parseNetNSBoltData from BoltState.getContainerFromDB * Use testify/require in a few places to avoid panics in tests * Skip unit tests which require storage when not running as root * Don't pollute the build output with failures to build checkseccomp * Remove cmd/podman/user.go * double papr timeout for all ci tests * vendor latest containers/psgo * Vendor latest container/storage to fix overlay mountopt * Add pod kill * Added pod restart * Added pod.Restart() functionality to libpod. * Add a mutex to BoltDB state to prevent lock issues * Clear variables used to store options after parsing for every volume * Clean up pylint warnings and errors * podman: allow to specify the IPC namespace to join * podman: allow to specify the UTS namespace to join * podman: allow to specify the PID namespace to join * podman: allow to specify the userns to join * network: support ns: prefix to join existing namespace * spec: allow container:NAME network mode * Update comments in BoltDB and In-Memory states * Add an E2E test to verify basic namespace functionality * Add libpod namespace to config * Add missing runtime.go lines to set namespace * Address first round of review comments * Set namespace for new pods/containers based on runtime * Add --namespace flag to Podman * Update documentation for the State interface * Ensure pods are part of the set namespace when added * Enforce namespace checks on container add * Add tests for state namespacing * Add namespaces to in memory state * Untested implementation of namespaced BoltDB access * Add constraint that dependencies must be in the same ns * Add namespaces and initial constraints to database * Add container and pod namespaces to configs * Fix varlink API usage of psgo * Update issue template to point build bugs at buildah * We don't currently support --mac-address * Vendor in latest containers/psgo code * Update container Mounted() and Mountpoint() functions * [WIP] Refactor and simplify python builds * AppArmor: runtime check if it's enabled on the host * Add format descriptors infor to podman top * Fix error handling in pod start/stop. * docs/podman-top: fix typo and whitespace * Use the result of reference.Parse when checking for digests. * Make refNamesFromPossiblyUnqualifiedName independent from Image * Make Image.HasShaInInputName to an independent local function * Split createNamesToPull into ref{Names,Pairs}FromPossiblyUnqualifiedName * Rename local variables in Runtime.pullRefPairsFromRefNames * Split Runtime.pullRefPairsFromRefNames from Image.createNamesToPull * Rename nameToPull to pullRefName * Rename pullStruct to pullRefPair * Replace optional nameToPull.shaPullName with mandatory dstName * Introduce nameToPull, move shaPullName in there * Split normalizeTag from Image.TagImage * Remove Image.isShortName * Inline getTags into its only user * Add unit tests for imageParts * Add OnBuild and usernamespace test to baseline * Bump gitvalidation epoch * Bump to v0.7.4-dev - Changelog for v0.7.3 (2018-07-20) * Update psgo vendor * Podman load/tag/save prepend localhost when no repository is present * Pod ps now uses pod.Status() * Added pod start and stop * rootless: support a per-user mounts.conf * secrets: parse only one mounts configuration file * rootless: allow a per-user registries.conf file * pull: get registries using the registries pkg * rootless: allow a per-user storage.conf file * rootless, docs: document the libpod.conf file used in rootless mode * Let containers/storage keep track of mounts * podman-top: use containers/psgo * Vendor in latest code for storage,image, buildah * Abort a test on nil containers, so that future tests don't panic * Fix TestPostDeleteHooks on macOS * Use `...` for a regexp constant to improve readability * oci: keep exposed ports busy and leak the fd into conmon * Dockerfile: install nmap-ncat * Update podman_tutorial.md * Update transfer.md * Add missing podman commands * Update gitvalidation epoch * Fix ps filter with key=value labels * rootless: require subids to be present * Downgrade setup.py * Bump gitvalidation epoch * Bump to v0.7.3-dev - Changelog for v0.7.2 (2018-07-13) * Change logic for detecting conflicting flags in ps * Update python directories to better support setup.py * Fix ps --sort=size test * remote python client for podman * Only print container size JSON if --size was requested * Don't print rootfs and rw sizes if they're empty * Major fixes to podman ps --format=json output * Ignore running containers in ps exit-code filters * Record whether the container has exited * rootless: correctly propagate the exit status from the container * rootless: unshare mount namespace * Need to wait for container to exit before completing run/start completes * If proxy fails then then signal should be sent to the main process * fix pull image that includes a sha * Added full podman pod ps, with tests and man page * Podman pod create/rm commands with man page and tests. * Added created time to pod state * Support multiple networks * Log all output of logrus to syslog as well as stdout/stderr * podman rmi should only untag image if parent of another * Changed container status of Unknown from being printed as Dead to Error in Ps * Fix podman build completions * Refactor attach()/start() after podman changes * create conmon sockets when getting their paths * build: enable ostree in containers/storage when available * podman/libpod: add default AppArmor profile * runtime: delete unused function * rootless: propagate errors from GetRootlessRuntimeDir() * rootless: resolve the user home directory * rootless: fix when argv[0] is not an absolute path * Allow Init() on stopped containers * urfave/cli: fix regression in short-opts parsing * Add --volumes-from flag to podman run and create * Vendor in latest buildah to add masks for /proc/keys and /proc/acpi * Vendor in latest containers/storage * Mask /proc/keys to protect information leak about keys on host * ctime: Drop 32-/64-bit distinction on Linux * Podman stats with no containers listed is the same as podman stats --all * Refactor unittest for change in history API * Bump gitvalidation epoch * Bump to v0.7.2-dev - Changelog for v0.7.1 (2018-07-06) * pkg/ctime: Factor libpod/finished* into a separate package * Block use of /proc/acpi from inside containers * remove buildah requirement for the libpod image library * contrib/python/test/test_tunnel: Fix -nNT -> -nNTq * Refactor podman/utils with a single container start and attach function * Remove now-unneeded cleanupCgroup() for unsupported OS * Remove per-container CGroup parents * Fix nits and GOPATH in tutorial * spec: Make addPrivilegedDevices and createBlockIO per-platform * libpod/runtime_pod: Make removePod per-platform * libpod/networking_unsupported: Remove JoinNetworkNameSpace * .travis: Run gofmt and lint on OS X * rootless: Merge rootless.go back into rootless_linux.go * Makefile: Use a pattern rule for cross-compilation * more changes to compile darwin * Fix timeout issue with built-in volume test * rootless: add /run/user/$UID to the lookup paths * rootless: add function to retrieve the original UID * rootless: always set XDG_RUNTIME_DIR * rootless: set XDG_RUNTIME_DIR also for state and exec * libpod/container: Replace containerState* with containerPlatformState * urfave/cli: fix parsing of short opts * docs: Follow man-pages(7) suggestions for SYNOPSIS * Allow multiple mounts * Makefile: Use 'git diff' to show gofmt changes * Skip a test in Travis that has timeout issues * vendor in selinux and buildah for darwin compilation * add image user to inspect data * changes to allow for darwin compilation * Bump gitvalidation epoch * Bump to v0.7.1-dev - Changelog for v0.6.5 (2018-06-29) * Fix built-in volume issue with podman run/create * Add `podman container cleanup` to CLI * Allow multiple containers and all for umount * Returning joining namespace error should not be fatal * Start using github.com/seccomp/containers-golang * Test to verify overlay quotas work, show container overhead on quota * conmon no longer writes to syslog * Fix broken f28/cloud instance * Vendor latest projectatomic/buildah * vendor in latest golang/x/sys * vendor in latest docker package * Remove the --registry flag from podman search * utils: fix endless write of resize event * Start prints UUID or container name that user inputs on success * cmd/podman/utils.go: Cancel-able resize writes * Fix podman hangs when detecting startup error in container attached mode * travis: bump go to 1.9.x and 1.10.x * podman-build --help: update description * *: Replace Generator.Spec() with Generator.Config * generator.New() requires an OS string input variable * Vendor in latest buildah * Vendor in latest runtime-tools * docs: add documentation for rootless containers * runtime: change rootless data storage default path * rootless: use $HOME/.config/containers/libpod.conf * test: add env variables to the debug output * rootless: do not configure additional groups * oci: set XDG_RUNTIME_DIR to the runtime from GetRootlessRuntimeDir() * rootless: add management for the userNS * container_internal: don't ignore error from cleanupNetwork() * Mark containers invalid earlier during removal * Add --authfile to podman search * Vendor in latest containers/image * add podman remote client * Vendor in go-selinux again * Update the vendoring of github.com/opencontainers/selinux * Containers can dissappear * Add podman-image and podman-container man page links * Update ocicni vendor to pick up bugfixes * make varlink optional for podman * Bump gitvalidation epoch * Bump to v0.6.5-dev - Changelog for v0.6.4 (2018-06-22) * Add tests for podman refresh * Point podman-refresh at the right manpage * Add bash completions for podman refresh * Add manpages for podman refresh * Move podman refresh under the container subcommand * Make CGroups cleanup optional on whether they exist * Add podman refresh command * Add Refresh() to ctrs to refresh state after db change * Add information about the configuration files to the install docs * Add unittests and fix bugs * Fix docs on --sig-proxy to match current behaviour * Podman history now prints out intermediate image IDs * Add cap-add and cap-drop to build man page * Option handling has become large and should be a shared function * Fix image volumes access and mount problems on restart * We are using err in defer function, needs to be defined name * Update the version of conmon used in test * install: need to install make on Fedora-like distros * Vendor containers/storage for better error reporting on dups * libpod: fix race with attach/start * Implement SSH tunnels between client and podman server * Add carriage return to log message when using --tty flag * Errors from closing a netns on removal from DB are nonfatal * Vendor in latest go-selinux * Added --sort to ps * Fix podman build -q * Add extra debug so we can tell apart postdelete hooks * hack/ostree_tag.sh: Fill in OSTree dependencies * TLS verify is skipped per registry. * Add missing functionality for podman build layers * Add --all,-a flag to podman images * Add MacAddress to inspect * Update gitvalidation epoch * top: make output tabular * Add more network info ipv4/ipv6 and be more compatible with docker * Do not run iptablesDNS workaround on IPv6 addresses * Added --tls-verify functionality to podman search, with tests * Bump gitvalidation epoch * Bump to v0.6.4-dev - Changelog for v0.6.3 (2018-06-15) * spec: remove dead code * test: add test for running a rootless container * container: specify path to error message * podman: use a different store for the rootless case * container: do not set any mapping when using a rootfs * podman: do not use Chown in rootless mode * network: do not attempt to create a network in rootless mode * oci: do not set resources in rootless mode * oci: do not use hooks in rootless mode * oci: do not set the cgroup path in Rootless mode * spec: change mount options for /dev/pts in rootless mode * container: do not add shm in rootless mode * oci: pass XDG_RUNTIME_DIR down to the OCI runtime * podman: allow to override Tmpdir * podman: provide a default UID mapping when non root * podman: accept option --rootfs to use exploded images * When setting a memory limit, also set a swap limit * Fix cleaning up network namespaces on detached ctrs * Vendor in latest projectatomic/buildah * Temporarily turn of ps --last test until fixed * Implement --latest for ps * Correctly report errors retrieving containers in ps * Doc changes to fix alignment on most of the docs * Added --sort flag to podman image * add podman container and image command * Vendor in latest buildah code * rmi: remove image if all tags are specified * Aliases do not work with IsSet * Touchups for registries.conf across a few man pages * Remove container from state before cleaning up. * hack/release.sh: Add a guard against -dev suffixes for argv[2] * Bump gitvalidation epoch * Bump to v0.6.3-dev - Changelog for v0.6.2 (2018-06-08) * Test to make sure we are getting proper exit codes on podman run * Propegate exit code on Exec calls and integrated test * Vendor in latest buildah code * Update epoch to fix validation problems * Touch up whitespace issue in build man * Add disable-content flag info to man page for build * podman-run: clean up some formatting issues * Add pointers for Integration Tests to docs * Remove SELinux transition rule after conmon is started. * Add --all flag even though it is a noop so scripts will work * Add support for BuildImage * Added a defer to an Unlock that immediately followed a Lock * varlink build fixes * podman-varlink: log timeouts * bash completion: remove shebang * install.md: fix typo * Vendor in latest buildah code * Update OWNERS file to be based on reality * Add logo to transfer page * libpod: Execute poststop hooks locally * Add some test for podman run flag security-opt * Add a function for e2e test to write json file * Use go-selinux for selinux check * Add flag to add annotations to a container * Want to change the log level on buildah by default to warnf * vendor in latest github.com/varlink/go * hooks: Add debug logging for initial hook loading * hooks/docs: Fix 1.0.0 Nvidia example (adding version, etc.) * hooks/1.0.0/when_test: Fix "both, and" -> "both, or" name typo * hooks/1.0.0: Fix 'annotation' -> 'annotations' in JSON * hooks: Fail ReadDir if a configured hook executable is missing * Cleanup transfer.md page, remove CRI-O content * Vendor in latest containers/storage * Bump gitvalidation epoch * Bump to v0.6.2-dev - Changelog for v0.6.1 (2018-06-01) * hack/release.sh: Bump spec in dev_version_commit * hack/release.sh: No longer need to bump setup.py * Provide examples for python podman API * Bump Buildah vendor to pick up fix for tests * Log podman build failures in papr * Use Version from spec file in setup.py * Attempt to use fedora 28 atomic host * Fix lable handling * runtime: add /usr/libexec/podman/conmon to the conmon paths * varlink build * Add OnBuild support for podman build * return all inspect info for varlink containerinspect * hooks/exec: Allow successful reaps for 0s post-kill timeouts * hack/release.sh: Add a release script * Implement container attach * If user specifies UIDMapSlice without GIDMapSlice, set them equal * fix panic with podman pull * pkg/hooks/exec: Add a new package for local hook execution * Remove --net flag and make it an alias for --network * Catch does not exist error * hooks: Rename Hooks() output to extensionStageHooks * hooks: Allow local control of OCI stages via extensionStages * We need to change the SELinux label of the conmon process to s0 * Clear all caps, except the bounding set, when --user is specified. * Makefile: Add stderr redirect to HAS_PYTHON3 definition * Force update of API.md * do not allow port related args to be used with --network=container: * Update .gitignore for Varlink code and gopathok * sort containers and images by create time * Cleanup man pages * add go generate varlink to copr spec * Remove varlink's generated Go file * Bump gitvalidation epoch * Bump to v0.6.1-dev - Changelog for v0.5.4 (2018-05-25): * Vendor in latest projectatomic/buildah * Rename addFIPSsModeSecret to addFIPSModeSecret * Make references to the Process part of Spec conditional * save and load should support multi-tag for docker-archive * Implement python podman create and start * Spell check strings and comments * hooks/1.0.0: Error on empty process.args instead of panicking * Set Entrypoint from image only if not already set * Update podman build to match buildah bud functionality * Fix test_runner call of podman varlink * Fix handling of command in images * Add support for Zulu timestamp parsing * Clarify using podman build with a URL, Git repo, or archive. * Vendor in latest container/storage for devicemapper support * set varlink timeout to 1 seconds * podman create, start, getattachsocket * use $GO env-var instead of hard-coded go binary * tidy up the copr spec * honor multiple change values * hooks/README: Fix some Markdown typos (e.g. missing runc target) * oci-hooks.5: Discuss directory precedence and monitoring * finish changing the path for varlink * Tighten the security on the podman varlink socket * Implement podman.containers.commit() - Changelog for v0.5.3 (2018-05-18): * remove hooks files reference and no varlink-python on f27 or epel * contrib/spec/podman.spec.in: Drop README-hooks * troubleshooting: Add console syntax highlighting * Fix typo * Refresh pods when refreshing podman state * Add per-pod CGroups * Add pod state * hooks: Fix monitoring of multiple directories * make sure hooks are renamed for copr spec * Use container cleanup() functions when removing * docs/podman.1: Link to hook documentation * hooks/docs: Add oci-hooks.5 and per-package man page building * Add Troubleshooting guide * chrootuser: default to GID 0 when given a numeric --user * Add python3 package to podman * libpod: fix panic when using -t and the process fails to start * Makefile: Use ?= for shell variables (ISODATE, etc.) * Skip tests that are flaking, holding up merge queue * Remove old varlink tests * Allow push/save without image reference * Vendor in latest containers/image * Makefile: Respect GOBIN * Fix podman inspect bash completions * Update Tutorial with Fedora kit location * Makefile: Drop find-godeps.sh for podman target * Support pulling Dockerfile from http * Refactor libpod python varlink bindings * add more bash completions * improve podman commit documentation and error messages * Touch up logo links * implement varlink commit * fix segfault for podman push * Add the Podman Logo * logo: Remove unused directory * hooks: Add package support for extension stages * Gracefully handle containers removed from c/storage * Add packaging for hooks/README.md * Remove stop on error from Docker install switch in baseline tests * docs: fix contrib/cni broken link - Changelog for v0.5.2 (2018-05-11): * vendor/golang.org/x/text: Vendor collate and language * hooks: Order injection by collated JSON filename * libpod: Add HooksDirNotExistFatal * hooks/read: Ignore IsNotExist for JSON files in ReadDir * pkg/hooks: Version the hook structure and add 1.0.0 hooks * Fix varlink remove image force * Update Podman-specific readme * Update main README * vendor.conf: Pin containernetworking/plugins to 1fb94a42 * Do not error trying to remove cgroups that don't exist * Remove parent cgroup we create with cgroupfs * Place Conmon and Container in separate CGroups * Add --cgroup-manager flag to Podman binary * Major fixes to systemd cgroup handling * Skip systemd-style CGroups test * Alter CGroup path handling for 'podman top' * Add validation for CGroup parents. Pass CGroups path into runc * vendor/github.com/docker/docker/hack: Remove unused directory * varlink info * vendor.conf: Bump containerd/cgroups to 77e62851 * vendor.conf: Bump CNI to v0.6.0 * Dont eat the pull error message for varlink * podman push should honor registries.conf * alphabetize the varlink methods, types, and errors in the docs * Add missing newline to podman port * Generate varlink API documentation automatically * Allow streaming on some varlink container methods * Remove extra close from attach resize channel * Vendor in latest containers/storage fix for UserNS * container.go: fix lint error * Dockerfile.Fedora: use fedora:28 instead of fedora:27 * Fix calculation of RunningFor in ps json output * Should not error out if container no longer exists in oci * Make invalid state nonfatal when cleaning up in run * test/e2e/run_userns_test.go: new file * podman, userNS: configure an intermediate mount namespace * networking, userNS: configure the network namespace after create * Begin wiring in USERNS Support into podman - Changelog for v0.5.1 (2018-05-04): * Fix pulling from secure registry * Optionally init() during container restart * bashcompletion enhancements * Add directory for systemd socket and service if not present * varlink containers * Make podman commit to localhost rather then docker.io * Trivial refactor on volume addition * When adding volumes to DB, handle nontrivial cases * Add accessors for new image fields in container config * Store user Volumes, Entrypoint, Command in database * Further fix Godoc comments in options.go * Update hooks to use config bool to detect volume mounts * Fix Godoc comments in options.go * Add config bool to indicate there are user volumes * Print the Buildah comment from commit to given writer * Do not print unnecessary Buildah details during commit * remove options from create/run that we cannot support * fix typos in the inspect json structs * Fix podman logout --all flag * podman should assign a host port to -p when omitted * Vendor in latest buildah * Fix misc stuff found by jhonce * libpod.conf: Podman's conmon path on openSUSE * Add iidfile parame to build and commit man pages * do not commit default volumes from container * correct varlink command in service file * Vendor in latest containers/image * Make ':' a restricted character for file names * Add more validation to --volume flag for run and create * Fix libseccomp not working in travis * CONTRIBUTING: Document PR approval and link to OWNERS * OWNERS: rename 'assignees' to 'approvers' - Changelog for v0.4.4 (2018-04-27): * Use buildah commit and bud in podman * README: Link to CONTRIBUTING.md * Remove systemd-cat support * Refactor unittest for varlink component * Update .gitignore for python work * Modify secrets pkg * varlink images * Retrieve IP addresses for container from DB * Add --default-mounts-file hidden flag * Add isolation note to build man page * Modify man pages so they compile correctly in mandb * Strip transport from image name when looking for local image * readme: improve formatting, add links * updated epoch for bad dco * Only generate the varlink glue code if needed and from the vendor dir * Latest revendoring deleted the cmd dir in varlink * Remove more Errorf in favor of Wrapf * Do not eat error messages from pullImage * Updated varlink vendored code * Add unit files to the copr spec * packagers need the varlink generated file * Makefile; make podman depend on varlink_generate * Modify --user flag for podman create and run * Add some podman search test with filter * Fix podman search no-trunc test * Dusty would prefer it to be part of the release. * Add FIPS mode secret * Initial varlink implementation * Add restart test with timeout * Improve restart latest container test * Add start time check for restart test * add libpod.conf man page * Add seconds after epoch to copr rpms to tie break versioning * enable no test cache - Changelog for v0.4.3 (2018-04-20): * podman push without destination image * Add make .git target * Fix tests for podman run --attach * Print ctr ID if neither STDOUT and STDERR are attached * Add one test case for check diff in container and committed image * Vendor in latest containers/image and contaners/storage * Fix a typo * It is OK to start an already running container (with no attach) * Refactor logic for forceSecure in pull for readability * Small logic fix for podman pull with tls-verify * Allow podman start to attach to a running container * regression: tls verify should be set on registries.conf if insecure * ip validation game too strong * - reverse host field order (ip goes first) - fix host string split to permit IPv6 * Allow podman to exit exit codes of removed containers * Modify diff and inspect docs * Add oci-systemd-hook as a runtime dep to copr spec * validate dns-search values prior to creation * Change container.locked to batched * Add a function for check if command exist * Add WaitContainerReady for wait for docker registry ready * Add several podman push tests * podman pull should always try to pull * Allow the use of -i/-a on any container * Fix secrets patch * Remove demos.sh file from test - Changelog for v0.4.2 (2018-04-13): * Fix podman run --attach tests * Fix another comparison of a Go interface against nil * Allowing attaching stdin to non-interactive containers * Add tests for podman attach * Change attach to accept a struct containing streams * Fix terminal attach * Changes to attach to enable per-stream attaching * HACK temporary fix for test suite * Fix locking interaction in batched Exec() on container * Fix leaking files in Ginkgo * Force host UID/GID mapping when creating containers * Do not lock all containers during pod kill * Make pod stop lock one container at a time * Do not lock all containers during pod start * Containers transitioning to stop should not break stats * Add -i to exec for compatibility reasons * Unescape characters in inspect JSON format output * Use buildah commit for podman commit * Functionality changes to the following flags * Vendor in latest containers/storage and containers/image - Changelog for v0.4.1 (2018-04-05): * Remove image via storage if a buildah container is associated * Add hooks support to podman * Run images with no names * Prevent a potential race when stopping containers * Only allocate tty when -t * Stopping a stopped container should not be an error * Add conmon-pidfile flag to bash completions/manpages * --entrypoint= should delete existing entrypoint * Fix golint * Remove explicit Init() calls in run and start * Refactor dependency checks from init() into public API * Do not require Init() before Start() * Ensure dependencies are running before initializing containers * Add container dependencies to Inspect output * Add backend code for generic dependencies * Vendor in latest containers/image * Makefile: Fix typo podmon -> podman * Correct a godoc comment * Sleep for 5 seconds before pushing to registry in tests * Change errorf to warnf in warning removing ctr storage * Don't return an ImageConfig when creating storage * More gracefully handle unexpected storage deletion * Remove crictl from Dockerfile * Eliminate raceyness of sig-proxy test - Changelog for v0.3.5 (2018-03-29): * Allow sha256: prefix for input * Add secrets patch to podman * Fix tests * Remove a loop in container graph * Only start containers that are not running in pod start * Change pod Start() to use container dependency graph * Add tests for container graphs * Initial implementation of container graph generation * Error is already wrapped properly. * Check for duplicate names when generating new container and pod names. * podman: new option --conmon-pidfile= * Ensure container dependencies are part of the same pod * Prevent ctrs not in pods from depending on pod ctrs * Disable --sig-proxy tests due to race conditions * Remove dependency on kubernetes * Vendor in lots of kubernetes stuff to shrink image size * Fix some minor issues lint has been picking up * cmd/podman/run.go: Error nicely when no image found * podman exec should handle options --env foo * Remove current SQLite DB driver * Update containers/storage to pick up overlay driver fix * First tag, untag THEN reload the image * Add files section to podman man page - Changelog for v0.3.4 (2018-03-23): * Bump version to v0.3.4 * Make container env variable conditional * Stage 4 Image cleanup * Add CONTAINER environment variable * Small manpage reword * Document .containerenv in manpages. Move it to /run. * Add .containerenv file * Add script to determine dependency sizes * If cidfile exists, do not proceed * Removing tagged images change in behavior * Use podman to test podman on FAH * Migrate podman inspect and tag to image library * Migrate podman images to image library * Makefile: add changelog target * Image library stage 4 - create and commit * Add 'podman restart' asciinema * Fix Travis tests for sig-proxy